Cyber Defense Analyst, Lead in Quantico, VA at Booz Allen Hamilton Inc.

Date Posted: 9/23/2018

Job Description

Job Number: R0033262

Cyber Defense Analyst, Lead

Key Role:

Review and refine event correlation rules for implementation on the enterprise network's security information and event manager (SIEM). Manage and improve the government’s defensive detection strategy through the deployment of new signature policies and robust correlation rules for the SIEM. Provide SIEM subject matter expertise in McAfee’s Nitro Security or Enterprise Security Manager toolset for administration, operations, and advanced correlation. Analyze the establishment of team processes and procedures for daily SIEM analysis and coordination with incident management analyst detection tasks. Employ methods to improve SIEM correlation rules, including employing events from multiple data sources to provide more reliable CND alerts. Modify SIEM views to eliminate false-positive or unnecessary alerts. Provide monthly metrics on the number and nature of these tuning efforts.

Basic Qualifications:

-5+ years of experience with managing an enterprise-grade SIEM toolset, including maintenance, Cyber analytics, and correlation use cases

-5+ years of experience with CND and Cybersecurity tools

-Experience with leveraging network- and host-based sensors and other Cybersecurity tools to enhance the detection of adversary activity

-Experience with analyzing and communicating network security issues to peers and to management

-Top Secret clearance

-HS diploma or GED

-DoD 8570 IAT Level II and CSSP Infrastructure Support Certification, including GICSP, SSCP, or CySA+

Additional Qualifications:

-Experience in implementing or assessing compliance with DoD, Department of the Navy (DON), or US Marine Corps (USMC) CND policies, regulations, and compliance documents

-BA or BS degree in IT or CS

-Professional certification in one or more technical fields or computing environments (CEs), including Windows, UNIX, or Red Hat Linux


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
